DevOps Tools Introduction #10: Ansible

Objective 704.1 of the DevOps Tools Engineer exam covers configuration management using Ansible. With a weight of eight, this is one of the most important topics on the exam. This should be reflected in the time and effort spent learning and practicing with Ansible.

To use Ansible, some requirements need to be met on the machine running Ansible as well as on the target system configured by Ansible. The Installation chapter in the Ansible documentation describes these requirements and contains instructions for a number of Linux distributions. Once everything is prepared, Ansible’s Getting Started guide shows you how to run individual Ansible modules. To get some more experience in using individual Ansible tasks, read the Ad hoc commands section of the Ansible documentation.

The target systems managed by Ansible are called inventory. Initially, inventory files define target systems and their properties. In more complex setups, dynamic inventories can leverage other systems in order to retrieve the inventory at runtime.

The real power of Ansible comes from playbooks, which coordinate the execution of sequences of tasks defined in a playbook. The Ansible Documentation contains a whole section on playbooks which you should read completely. Spend special care on the topics mentioned in the exam objectives, such as variables, conditionals, loops and Jinja2 templates.

The tasks available in Ansible playbooks are provided by modules. The Module Index lists the official Ansible modules, by categories. Browse through these categories and learn more about useful modules. Spend extra time on those modules mentioned in the exam objectives, such as file, copy, template, ini_file, lineinfile, patch, replace, user, group, command, shell, service, systemd, cron, apt, debconf, yum, git, and debug.

Applying a configuration to a target system often involves confidential data, such as encryption keys or passwords. Ansible can store secrets in encrypted vaults. The Ansible Vault documentation explains how this is done.

In order to avoid writing the same playbooks over and over again, Ansible supports grouping specific functionality into roles. The documentation of the command ansible-galaxy illustrates how to manage and create roles. The Ansible Galaxy portal collects roles and provides a tool to easily download and use them. Browse around the collection of roles and spend the time to analyze some of the interesting roles.

Finally, LPI wants you to be aware of Ansible for non-Linux systems and containers. The official documentation contains information for Windows as well as for BSD. Ansible Container is described in a dedicated overview page.

When practicing Ansible, you’ll need a few target systems to configure and you’ll certainly reinstall them a few times to clean up some experiments. This is a great opportunity to also practice the previous section’s contents; use cloud-init to prepare IaaS instances to be configured by Ansible, create a Vagrantfile that does the same or use Packer to prepare images for Ansible. Besides Ansible, several other configuration management tools exist. We will investigate their features next week.

Previous post | Next post

About Fabian Thorns:

Fabian Thorns is the Director of Product Development at Linux Professional Institute, LPI. He is M.Sc. Business Information Systems, a regular speaker at open source events and the author of numerous articles and books. Fabian has been part of the exam development team since 2010. Connect with him on LinkedIn, XING or via email (fthorns at www.lpi.org).

Leave a Reply

Your email address will not be published. Required fields are marked *